I do not even know what services are using rwhod and what they are using it for.
You could use your local manpages,
man (1) rwho at LQ or query, say
FOLDOC for it...
Firewall and Samba don't rely on the client rwho or the network daemon rwhod, so I'd say stop the service. Next run "netstat -an" and check any app which says "LISTEN" and think about if you need to run that app for yourself or anybody else. If unsure, stop and see if something breaks, then uninstall (can always reinstall later).
Lo and behold, you've taken your first steps towards hardening your box... Read on in the first sticky thread of this forum, post #1, under "checklists" and commence with a few securing/hardening docs, and run for instance Bastille, Tiger and Chkrootkit.
The "ops not permitted" is clearly an interface restriction thingie (192.168.1.255 being your subnet broadcast address), but what causes it? Causes can range from Netfilter to kernel patches.
If you really really need to know you could run rwhod under "strace".